From 2930d40d57a8d4a79f0145b36973ee4572113261 Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Mon, 28 Nov 2016 09:59:50 -0300 Subject: [PATCH] Changes the actions to affect the ruleMessage instead of transaction --- src/actions/block.cc | 6 +++--- src/actions/block.h | 4 +++- src/actions/deny.cc | 4 ++-- src/actions/deny.h | 4 +++- src/actions/msg.cc | 11 +++++------ src/actions/msg.h | 4 +++- src/actions/pass.cc | 4 +++- src/actions/pass.h | 3 ++- src/actions/status.cc | 5 +++-- src/actions/status.h | 4 +++- 10 files changed, 30 insertions(+), 19 deletions(-) diff --git a/src/actions/block.cc b/src/actions/block.cc index 97466dd9..9d495f36 100644 --- a/src/actions/block.cc +++ b/src/actions/block.cc @@ -26,13 +26,13 @@ namespace modsecurity { namespace actions { -bool Block::evaluate(Rule *rule, Transaction *transaction) { +bool Block::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { #ifndef NO_LOGS transaction->debug(8, "Running action block"); #endif - for (Action *a : rule->actions_runtime_pos) { + for (Action *a : rule->m_actionsRuntimePos) { if (a->isDisruptive() == true) { - transaction->m_actions.push_back(a); + rm->m_tmp_actions.push_back(a); } } return true; diff --git a/src/actions/block.h b/src/actions/block.h index 7522272f..c9d4d9f7 100644 --- a/src/actions/block.h +++ b/src/actions/block.h @@ -16,6 +16,7 @@ #include #include "modsecurity/actions/action.h" +#include "modsecurity/rule_message.h" #ifndef SRC_ACTIONS_BLOCK_H_ #define SRC_ACTIONS_BLOCK_H_ @@ -33,7 +34,8 @@ class Block : public Action { public: explicit Block(std::string action) : Action(action) { } - bool evaluate(Rule *rule, Transaction *transaction) override; + bool evaluate(Rule *rule, Transaction *transaction, + RuleMessage *rm) override; void fillIntervention(ModSecurityIntervention *i) override; bool isDisruptive() override { return true; } }; diff --git a/src/actions/deny.cc b/src/actions/deny.cc index 8a29f80e..d0e9d2df 100644 --- a/src/actions/deny.cc +++ b/src/actions/deny.cc @@ -24,11 +24,11 @@ namespace modsecurity { namespace actions { -bool Deny::evaluate(Rule *rule, Transaction *transaction) { +bool Deny::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { #ifndef NO_LOGS transaction->debug(8, "Running action deny"); #endif - transaction->m_actions.push_back(this); + rm->m_tmp_actions.push_back(this); return true; } diff --git a/src/actions/deny.h b/src/actions/deny.h index c9a48bbf..cf5acc7f 100644 --- a/src/actions/deny.h +++ b/src/actions/deny.h @@ -17,6 +17,7 @@ #include "modsecurity/actions/action.h" #include "modsecurity/transaction.h" +#include "modsecurity/rule_message.h" #ifndef SRC_ACTIONS_DENY_H_ #define SRC_ACTIONS_DENY_H_ @@ -29,7 +30,8 @@ class Deny : public Action { public: explicit Deny(std::string action) : Action(action) { } - bool evaluate(Rule *rule, Transaction *transaction) override; + bool evaluate(Rule *rule, Transaction *transaction, + RuleMessage *rm) override; void fillIntervention(ModSecurityIntervention *i) override; bool isDisruptive() override { return true; } }; diff --git a/src/actions/msg.cc b/src/actions/msg.cc index e2755da8..165aa637 100644 --- a/src/actions/msg.cc +++ b/src/actions/msg.cc @@ -22,6 +22,7 @@ #include "modsecurity/transaction.h" #include "src/macro_expansion.h" #include "modsecurity/rule.h" +#include "modsecurity/rule_message.h" /* * Description: Assigns a custom message to the rule or chain in which it @@ -45,14 +46,12 @@ namespace modsecurity { namespace actions { -bool Msg::evaluate(Rule *rule, Transaction *transaction) { -#ifndef NO_LOGS - std::string msg = MacroExpansion::expand(m_parser_payload, transaction); +bool Msg::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { + std::string msg = data(transaction); transaction->debug(9, "Saving msg: " + msg); -#endif - - rule->m_log_message = data(transaction); + rm->m_message = msg; + transaction->m_collections.storeOrUpdateFirst("RULE:msg", msg); return true; } diff --git a/src/actions/msg.h b/src/actions/msg.h index 06241713..20d65f1d 100644 --- a/src/actions/msg.h +++ b/src/actions/msg.h @@ -16,6 +16,7 @@ #include #include "modsecurity/actions/action.h" +#include "modsecurity/rule_message.h" #ifndef SRC_ACTIONS_MSG_H_ #define SRC_ACTIONS_MSG_H_ @@ -32,7 +33,8 @@ class Msg : public Action { explicit Msg(std::string action) : Action(action, RunTimeOnlyIfMatchKind) { } - bool evaluate(Rule *rule, Transaction *transaction) override; + bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) + override; std::string data(Transaction *Transaction); }; diff --git a/src/actions/pass.cc b/src/actions/pass.cc index edc1ac92..f9e43245 100644 --- a/src/actions/pass.cc +++ b/src/actions/pass.cc @@ -20,12 +20,14 @@ #include "modsecurity/transaction.h" #include "modsecurity/rule.h" +#include "modsecurity/rule_message.h" namespace modsecurity { namespace actions { -bool Pass::evaluate(Rule *rule, Transaction *transaction) { +bool Pass::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { + rm->m_tmp_actions.clear(); return true; } diff --git a/src/actions/pass.h b/src/actions/pass.h index 793d6844..14272e6a 100644 --- a/src/actions/pass.h +++ b/src/actions/pass.h @@ -29,7 +29,8 @@ class Pass : public Action { public: explicit Pass(std::string action) : Action(action) { } - bool evaluate(Rule *rule, Transaction *transaction) override; + bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) + override; bool isDisruptive() override { return true; } }; diff --git a/src/actions/status.cc b/src/actions/status.cc index 1ab77013..49cbbe6e 100644 --- a/src/actions/status.cc +++ b/src/actions/status.cc @@ -20,6 +20,7 @@ #include "modsecurity/transaction.h" + namespace modsecurity { namespace actions { @@ -36,8 +37,8 @@ bool Status::init(std::string *error) { } -bool Status::evaluate(Rule *rule, Transaction *transaction) { - transaction->m_actions.push_back(this); +bool Status::evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) { + rm->m_tmp_actions.push_back(this); return true; } diff --git a/src/actions/status.h b/src/actions/status.h index dd9806e6..80c626fe 100644 --- a/src/actions/status.h +++ b/src/actions/status.h @@ -16,6 +16,7 @@ #include #include "modsecurity/actions/action.h" +#include "modsecurity/rule_message.h" #ifndef SRC_ACTIONS_STATUS_H_ #define SRC_ACTIONS_STATUS_H_ @@ -32,7 +33,8 @@ class Status : public Action { explicit Status(std::string action) : Action(action, 2) { } bool init(std::string *error) override; - bool evaluate(Rule *rule, Transaction *transaction) override; + bool evaluate(Rule *rule, Transaction *transaction, RuleMessage *rm) + override; void fillIntervention(ModSecurityIntervention *i) override; protected: